[Buildroot] [PATCH 0/2] libcurl: Incorrect fix for CVE-2016-8625
Jeroen Roovers
jer at airfi.aero
Thu Nov 3 11:28:57 UTC 2016
On 3 November 2016 at 12:19, Baruch Siach <baruch at tkos.co.il> wrote:
> I could not find any mention of libidn2 in the CVE-2016-8625 advisor at
> https://curl.haxx.se/docs/adv_20161102K.html .
Indeed. The commit that switched to libidn2 does mention the advisory.
https://github.com/curl/curl/commit/9c91ec778104ae3b744b39444d544e82d5ee9ece
Regards,
jer
More information about the buildroot
mailing list